Information Security Consultant
- 1 reference
- on request
- 60313 Frankfurt am Main
- Europe
- hi | en
- 01.03.2019
Brief introduction
As of now, I am working in Europe & US. Planning to freelance full time in Germany/Europe.
Reference excerpts (1)
"Yes he worked under me on multiple clients"
1/2011 – 1/2015
Job description
1) Best Buy - SOC Team - Security Engineer
Responsible for managing end-to-end solutions for ArcSight, including monitoring, troubleshooting and maintenance of the SIEM network and server farm, as well as vulnerability assessment.
Respond to all security incidents and coordinate with the respective teams to defend against the threats.
Designing and maintaining the best access management system, data, network security, backup and recovery.
Ensuring all the security policies are maintained and updated according to the ISO standards.
ArcSight: Managing end-to-end solutions for the total ArcSight environment and managing ArcSight infrastructure. Troubleshooting issues within ArcSight, managing ArcSight Loggers and configuring ESM. Troubleshooting ESM (Enterprise Security Manager). ArcSight Express: correlation and log management.
Involved in activities such as creation of new rules, dashboards, active channels, active lists and reports, and fine-tuning of existing dashboards and rules for better monitoring.
Perform forensic analysis on massive archives of log data for security incident and regulatory investigations. Incident management processes for monitoring and correction of issues.
2) Master Card - Network Engineer
Responsible for managing end-to-end solutions for RSA enVision, including monitoring, troubleshooting and maintenance of the SIEM network, as well as vulnerability assessment.
Designing and maintaining the best access management system, data and network security, backup and recovery.
Ensuring all the security policies are maintained and updated according to the ISO standards.
Threat analysis (virus, worm and vulnerabilities): checking the latest threats and risks for the day, including technical details, and raising awareness within the team.
3) LogLogic, Tibco - Systems Engineer
Worked with Windows 2000/2003 operating systems, Active Directory, messaging (Exchange 2000/2003/2007 Server) and networking.
Extensive experience in managing critical online production servers: Active Directory, Exchange Server, DNS, DHCP, WINS, SharePoint Server, MS Project Server, WSUS, SMS, SQL Server 2000/2005, and laptop and PC installation and hardware configuration.
Deployment and management of Windows 2003, 2005, 2008 clustering and Storage Area Network (SAN), firewalls, DSL, VPN, RDP, Group Policies.
Configuration and deployment of Citrix XenApp or Presentation Server.
Implementing virtualization solutions using VMware ESX Server 3.X and Windows 2008 R2 Hyper-V.
Support for desktops and servers: Dell PowerEdge, IBM, HP blade servers.
Good experience in troubleshooting desktop issues.
Troubleshooting server-related issues and monitoring the network.
Maintaining anti-virus products such as McAfee and Symantec, and updating patches.
Web application security, server monitoring
Qualifications
Project & professional experience
11/2015 – ongoing
Job description
Serving as second-level support for Azure Cloud, systems, DB and networking, providing security analysis, incident investigations and solutions to security events.
Investigating suspicious events and unauthorized activity with the SIEM QRadar and following up with daily/weekly reporting. Experience in tuning dashboards and creating offense rules for alerts. Integrating various log sources into the SIEM.
Designed and configured the standards for application security testing.
Managing security devices and applications including firewalls, IDS/IPS, vulnerability assessment tools, proxy servers and anti-virus.
Managed the applications that support the dealers by creating threat models for sensitive data (PII).
Application security testing using Rapid7 AppSpider, and pen-testing of the developed application in the Secure SDLC process.
Testing the application by performing exploitation techniques with DAST & SAST in the S-SDLC process using continuous integration tools.
Experience with open source Burp Suite, Rapid7 AppSpider (dynamic) and Micro Focus Fortify (static).
Experience with continuous integration techniques in the S-SDLC process.
Hands-on experience in exploitation and validation of OWASP Top 10 vulnerabilities.
Managed the information security analysts who support threat and vulnerability management.
Analysis and follow-up on weekly Qualys reporting (scans).
Developed monthly performance metrics for threat and infrastructure vulnerability management.
Cyber Security
1/2015 – 11/2015
Job description
Investigating suspicious events and unauthorized activity with the SIEM LogRhythm and following up with daily/weekly reporting. Experience in tuning dashboards and creating rules for alerts.
Monitoring network activity and event activity, and checking system health status.
Respond to all security incidents in real time to stop breaches and coordinate with the respective teams to resolve the threats.
Also worked on Managed Security Services for security incidents with Dell SecureWorks.
Managed Qualys for the modules Vulnerability Management, WAS, Threat Protection and Policy & Compliance.
Cyber Security
Certificates
Education
Glasgow
Chennai, Tamil Nadu
About me
Managing security devices and applications including firewalls, IDS/IPS, vulnerability assessment tools, proxy servers, DLP and anti-virus.
Monitoring network activity and event activity, and checking system health status.
Experience with Trend Micro Deep Security, which acts as a Host Intrusion Detection System (HIDS), and SCSP in our network.
Worked on Sourcefire Defense Center with the Snort 3D sensors, which act as a network intrusion detection/prevention system (NIDS/NIPS) in our network.
Worked on File Integrity Management (FIM) using Tripwire. The job responsibilities include monitoring critical application files and OS file changes on the servers.
Respond to all security incidents in real time to stop breaches and coordinate with the respective teams to resolve the threats.
Managing application security testing with the S-SDLC process in each phase.
Creating threat models in and around sensitive data (PII).
Security reviews and suggesting security best practices for architecture changes based on the requirements.
Performing application security testing using static (secure code review) and dynamic analysis testing.
Experience with open source Burp Suite, Rapid7 AppSpider (dynamic) and Micro Focus Fortify (static).
Hands-on experience in exploitation and validation of OWASP Top 10 vulnerabilities.
Additional skills
Personal data
- English (fluent)
- Hindi (native language)
- European Union
- United States of America